Don't fail checks if a package.json without dependencies is encountered

[kmoe]

Thanks for this great module! It just required one tweak so that I could use it, and I hope you'll consider upstreaming the fix.

The way npm-shrinkwrap-check works is to traverse your whole project looking for package.json files. It assumes each one of these contains a JSON object with a dependencies property. However, this is not true for all package.json files.

For example, the node module read-package-tree contains this file: https://github.com/npm/read-package-tree/blob/master/test/fixtures/empty/node_modules/foo/package.json This gets picked up by npm-shrinkwrap-check and an error is thrown because pkg.dependencies is undefined.

My fix simply returns early in the dependency gathering stage if the pkg object does not have the right shape for our purposes.

[Morantron]

Hi @kmoe! Thanks for the PR!

In case you are getting an Error parsing JSON /some/path/to/package.json, that's the expected behavior.

I guess you are using the -3 flag right? I think the actual issue it's then in the isValidPath check. As you can see that package.json file is not an actual dependency, but some package.json file inside the tests folder.

Looks like isValidPath can be improved, would you like to submit a PR to fix that issue? :dancers: